Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/62ff71-c4f2-4929-8899-c38330cbd965/1/mPrAq7i6F1N2tGPKknWc6Bt67HU.roa
File: mPrAq7i6F1N2tGPKknWc6Bt67HU.roa (raw, json)
Hash identifier: xb6E0qAX3tyhIALebAGCZ4pPlVaSftpzNQeR/KwCvno=
Subject key identifier: 98:FA:C0:AB:B8:BA:17:53:76:B4:63:CA:92:75:9C:E8:1B:7A:EC:75
Certificate issuer: /CN=53a125890a4af092455abc7bb5abfe48cd852c06
Certificate serial: 01942444A4C536D53A91C2D396953CE10950
Authority key identifier: 53:A1:25:89:0A:4A:F0:92:45:5A:BC:7B:B5:AB:FE:48:CD:85:2C:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U6EliQpK8JJFWrx7tav-SM2FLAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/62ff71-c4f2-4929-8899-c38330cbd965/1/mPrAq7i6F1N2tGPKknWc6Bt67HU.roa
Signing time: Wed 01 Jan 2025 23:47:45 +0000
ROA not before: Wed 01 Jan 2025 23:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201869
IP address blocks: 156.51.150.0/23 maxlen: 23
156.51.152.0/21 maxlen: 21
156.51.160.0/19 maxlen: 19
156.51.192.0/21 maxlen: 21
156.51.200.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:a4:c5:36:d5:3a:91:c2:d3:96:95:3c:e1:09:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53a125890a4af092455abc7bb5abfe48cd852c06
Validity
Not Before: Jan 1 23:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98fac0abb8ba175376b463ca92759ce81b7aec75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:8c:34:16:fe:c7:5d:63:72:70:7d:7d:c4:35:
55:e5:98:dc:f1:91:fc:b7:ff:1e:6b:a1:f6:b8:9b:
2a:56:c1:49:63:c7:d1:ae:51:70:f0:8e:08:b0:fa:
eb:b3:de:12:f9:35:03:b4:d2:9c:44:f3:03:be:42:
20:dc:c8:82:48:1a:1e:a5:76:f2:27:8b:f5:fc:37:
60:45:02:ca:cf:d0:bb:1e:1b:8e:45:78:f9:54:aa:
28:46:31:12:8f:73:3f:5f:ad:ba:bc:95:61:04:6e:
57:be:93:2f:a0:ea:bf:d3:b9:c0:ad:aa:6e:9b:20:
34:f1:3a:8e:2e:4c:de:d6:81:cf:7a:26:a5:b0:12:
45:70:33:3f:7e:7d:1d:dc:55:c1:a8:8e:d9:af:17:
d4:09:40:8f:d5:c3:17:30:14:04:3f:7d:4e:e8:31:
3c:41:fd:5c:13:96:1d:27:16:a9:e9:dd:2b:a0:9f:
2a:7e:de:3c:e7:9e:7e:6c:8b:17:82:10:56:bc:15:
d1:1c:0d:ad:44:99:fb:40:33:94:4c:8f:de:1c:85:
d4:94:57:7b:9d:06:e3:7d:27:72:f7:e6:b7:d0:7c:
b5:76:0b:7e:88:14:01:2e:4c:00:4f:8e:aa:e8:d7:
37:b8:51:58:4d:04:54:ba:7e:6a:2b:af:de:2a:96:
b1:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:FA:C0:AB:B8:BA:17:53:76:B4:63:CA:92:75:9C:E8:1B:7A:EC:75
X509v3 Authority Key Identifier:
keyid:53:A1:25:89:0A:4A:F0:92:45:5A:BC:7B:B5:AB:FE:48:CD:85:2C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U6EliQpK8JJFWrx7tav-SM2FLAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/62ff71-c4f2-4929-8899-c38330cbd965/1/mPrAq7i6F1N2tGPKknWc6Bt67HU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/62ff71-c4f2-4929-8899-c38330cbd965/1/U6EliQpK8JJFWrx7tav-SM2FLAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.51.150.0-156.51.200.255
Signature Algorithm: sha256WithRSAEncryption
87:4f:fb:d6:31:42:92:3e:a3:fb:2c:c6:0c:11:45:54:1f:d5:
0e:9b:55:36:f1:75:0c:29:ec:9b:42:fc:ac:19:d9:7a:0e:8a:
47:80:64:06:8d:2d:78:ee:df:10:5c:50:2e:b5:9b:4d:9a:61:
4e:90:87:5a:fa:27:00:e4:7d:e2:90:82:88:0a:90:eb:66:8d:
10:e3:57:3c:b3:e6:ad:ff:9c:61:40:b8:26:2c:74:51:b2:b2:
87:71:ee:d4:76:de:36:77:f0:78:a1:8a:6b:d2:19:d6:26:03:
2e:94:3f:12:bf:93:fe:83:43:a8:22:b5:db:77:aa:8a:36:69:
6f:ea:c3:ad:6c:de:94:4f:d7:6a:86:dc:93:24:e1:ed:90:97:
2a:26:bc:2e:b8:23:4b:b7:7c:ee:28:bb:82:2f:d9:ef:4b:23:
a1:42:65:35:91:9d:78:83:c3:eb:9a:c2:68:90:84:d1:82:2b:
14:dc:30:83:b3:6d:af:d5:e4:ee:c3:98:24:1b:9d:e2:17:bd:
a9:3c:3c:4c:b6:a6:f2:56:ab:51:3c:8e:be:56:84:a9:57:c4:
97:7d:83:78:7a:2e:19:b7:75:63:cd:0a:c3:26:8a:5e:fa:ed:
ce:4b:3d:25:2d:29:4a:c9:6f:70:cb:23:ec:2e:f8:cb:e0:7c:
7e:47:05:00
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQkRKTFNtU6kcLTlpU84QlQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYTEyNTg5MGE0YWYwOTI0NTVhYmM3YmI1YWJmZTQ4Y2Q4
NTJjMDYwHhcNMjUwMTAxMjM0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGZhYzBhYmI4YmExNzUzNzZiNDYzY2E5Mjc1OWNlODFiN2FlYzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Iw0Fv7HXWNycH19xDVV5Zjc8ZH8
t/8ea6H2uJsqVsFJY8fRrlFw8I4IsPrrs94S+TUDtNKcRPMDvkIg3MiCSBoepXby
J4v1/DdgRQLKz9C7HhuORXj5VKooRjESj3M/X626vJVhBG5XvpMvoOq/07nArapu
myA08TqOLkze1oHPeialsBJFcDM/fn0d3FXBqI7ZrxfUCUCP1cMXMBQEP31O6DE8
Qf1cE5YdJxap6d0roJ8qft48555+bIsXghBWvBXRHA2tRJn7QDOUTI/eHIXUlFd7
nQbjfSdy9+a30Hy1dgt+iBQBLkwAT46q6Nc3uFFYTQRUun5qK6/eKpaxsQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJj6wKu4uhdTdrRjypJ1nOgbeux1MB8GA1UdIwQY
MBaAFFOhJYkKSvCSRVq8e7Wr/kjNhSwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTZFbGlRcEs4SkpGV3J4N3Rhdi1TTTJGTEFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi82MmZmNzEtYzRmMi00OTI5LTg4OTkt
YzM4MzMwY2JkOTY1LzEvbVByQXE3aTZGMU4ydEdQS2tuV2M2QnQ2N0hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi82MmZmNzEtYzRmMi00OTI5LTg4OTktYzM4MzMwY2JkOTY1
LzEvVTZFbGlRcEs4SkpGV3J4N3Rhdi1TTTJGTEFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGcM5YD
BACcM8gwDQYJKoZIhvcNAQELBQADggEBAIdP+9YxQpI+o/ssxgwRRVQf1Q6bVTbx
dQwp7JtC/KwZ2XoOikeAZAaNLXju3xBcUC61m02aYU6Qh1r6JwDkfeKQgogKkOtm
jRDjVzyz5q3/nGFAuCYsdFGysodx7tR23jZ38HihimvSGdYmAy6UPxK/k/6DQ6gi
tdt3qoo2aW/qw61s3pRP12qG3JMk4e2QlyomvC64I0u3fO4ou4Iv2e9LI6FCZTWR
nXiDw+uawmiQhNGCKxTcMIOzba/V5O7DmCQbneIXvak8PEy2pvJWq1E8jr5WhKlX
xJd9g3h6Lhm3dWPNCsMmil767c5LPSUtKUrJb3DLI+wu+MvgfH5HBQA=
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:01:13 2025 by rpki-client